Palo Alto Networks has launched Nebula, the latest upgrade of its industry-leading PAN-OS software, to help find and stop the evasive, zero-day attacks that can cripple organisations.

PAN-OS 10.2 Nebula collects, analyses and interprets potential zero-day threats in real time using inline deep learning — a network security first. This results in six times faster prevention and 48 per cent more evasive threats detected, surpassing anything previously available. Nebula also introduces AIOps — Palo Alto Networks' tenth security service — and the new Advanced Threat Prevention service while enhancing Advanced URL Filtering, DNS Security, internet of things (IoT) Security and other related security services.

Commenting on the development, Lee Klarich, chief product officer, Palo Alto Networks, said, “In the past, nation-state-led cyberattacks were considered the rarest and most advanced. But today, attackers of all kinds have an advanced arsenal at their fingertips; every organisation must now assume they will be the target of a nation-state-level attack. Modern network security requires a fundamentally new approach. Today, Palo Alto Networks has brought that new approach to our ML-Powered Next-Generation Firewalls by harnessing the processing power of the cloud to enable deep learning inline. We believe that is how all network security will be done in the future.”

Security services that are being added and enhanced include:

  • Advanced threat prevention – A new best-in-class intrusion prevention system (IPS), which brings security analysis from “offline” to “inline” using cloud compute for artificial intelligence (AI) and deep learning techniques — without sacrificing performance. Advanced threat prevention can detect many unknown and targeted command and control (C2) attacks as well as evasive attacks from tools such as Cobalt Strike.
  • AIOps – The new AIOps uses machine learning to predict up to 51 per cent of disruptions to NGFWs before they impact the firewalls. In addition, with telemetry from over 6,000 deployments, AIOps continuously recommends best practices to improve overall security posture.
  • DNS security – Now extends protection for the latest DNS-based attack techniques, including strategically aged domains, making it the most comprehensive DNS security solution available with 40 per cent more DNS-based threat coverage than other leading vendors.
  • Advanced URL filtering – Adds prevention of new, highly evasive phishing attacks, ransomware and other web-based attacks through deep learning-powered analysis of web traffic — now including live web content — in real time and inline.
  • IoT security 2.0 – Simplifies IoT device visibility and automates policy creation across seen and unseen devices by using machine learning.

Meanwhile, John Grady, senior analyst, Enterprise Strategy Group (ESG), said, “Security approaches are too often reliant on an initial victim being exploited. Yet, with attackers as agile and efficient as they are today, organisations require real-time prevention to protect their environments. Palo Alto Networks recognises these issues and is expanding its machine learning capabilities by placing Deep Learning detection inline to prevent attacks before they ever impact victim one.”

Also, Rajarshi Dhar, industry analyst, Frost & Sullivan, said, “Palo Alto Networks’ industry-leading machine learning-based platform applies techniques that help customers handle sophisticated threats and meet end-to-end demands across network, endpoint, and cloud security. The company enables enterprises to go beyond standard threat protection by building a strong security posture and resilience.”